diff options
author | Leo Famulari <leo@famulari.name> | 2017-01-06 17:14:41 -0500 |
---|---|---|
committer | Leo Famulari <leo@famulari.name> | 2017-01-06 17:14:41 -0500 |
commit | 74288230ea8b2310495dc2739f39ceadcc143fd0 (patch) | |
tree | 73ba6c7c13d59c5f92b409c94dccfff159e08f4d /gnu/packages/patches/httpd-CVE-2016-8740.patch | |
parent | 92e779592d269ca1924f184496eb4ca832997b12 (diff) | |
parent | aa21c764d65068783ae31febee2a92eb3d138a24 (diff) | |
download | guix-patches-74288230ea8b2310495dc2739f39ceadcc143fd0.tar guix-patches-74288230ea8b2310495dc2739f39ceadcc143fd0.tar.gz |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches/httpd-CVE-2016-8740.patch')
-rw-r--r-- | gnu/packages/patches/httpd-CVE-2016-8740.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/gnu/packages/patches/httpd-CVE-2016-8740.patch b/gnu/packages/patches/httpd-CVE-2016-8740.patch new file mode 100644 index 0000000000..17ba323ccf --- /dev/null +++ b/gnu/packages/patches/httpd-CVE-2016-8740.patch @@ -0,0 +1,36 @@ +This patch applies against httpd-2.4.23 and shouldn't be needed in later releases +http://openwall.com/lists/oss-security/2016/12/05/17 +Index: modules/http2/h2_stream.c +=================================================================== +--- modules/http2/h2_stream.c (revision 1771866) ++++ modules/http2/h2_stream.c (working copy) +@@ -322,18 +322,18 @@ + HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE); + } + } +- } +- +- if (h2_stream_is_scheduled(stream)) { +- return h2_request_add_trailer(stream->request, stream->pool, +- name, nlen, value, vlen); +- } +- else { +- if (!input_open(stream)) { +- return APR_ECONNRESET; ++ ++ if (h2_stream_is_scheduled(stream)) { ++ return h2_request_add_trailer(stream->request, stream->pool, ++ name, nlen, value, vlen); + } +- return h2_request_add_header(stream->request, stream->pool, +- name, nlen, value, vlen); ++ else { ++ if (!input_open(stream)) { ++ return APR_ECONNRESET; ++ } ++ return h2_request_add_header(stream->request, stream->pool, ++ name, nlen, value, vlen); ++ } + } + } + |